I have an Azure Automation which connects to Exchange with certificate (setup follows this). I can successfully connect with a runbook, and run commands like Get-ExoRecipient, Get-ExoMailbox on user accounts or just use Get-AcceptedDomain.
However if I try to use the commands Get-ExoMailboxStatistics or Get-EXOMailboxPermission, I receive an error of "User is not allowed to call Get-MailboxStatistics" (sic!) and ""User is not allowed to call Get-MailboxPermission" (sic!). Longer error message is attached 274826-automat-xchange-bug.txt.
The application have the Exchange Administrator role, Exchange.ManageAsApp API permission, and also tried out with and without adding it to a custom Exchange role group and giving various extra Exchange permissions - without any change in the error message. Tried with both EOL PS 2.0.5, 3.0.0 & 3.1.0, same error everywhere.
What kind of privilige do I need to add to the automation to make those two commands working?
I have no problems running the script on my PC, with my own personal admin account.